WordPress Plugin Vulnerabilities

Good LMS < 2.1.5 - Unauthenticated SQL Injection

Description

The Good LMS WordPress plugin was vulnerable to Unauthenticated SQL Injection in its 'id' parameter of the gdlr_lms_cancel_booking action.

Proof of Concept

Affects Plugins

Plugin icon
goodlms
Fixed in 2.1.5

References

CVE
CVE-2020-27481
Exploitdb
49033
URL
https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
10.0 (critical)

Miscellaneous

Original Researcher
Abdulazeez Alaseeri
Verified
No
WPVDB ID
652eaef8-5a3c-4a2d-ac60-b5414565c397

Timeline

Publicly Published
2020-11-12 (about 5 years ago)
Added
2020-11-12 (about 5 years ago)
Last Updated
2020-11-17 (about 5 years ago)

Other

Published
Title
Published
2025-05-01
Title
Advance Seat Reservation Management for WooCommerce < 3.4 - Unauthenticated SQL Injection
Published
2024-04-16
Title
WooCommerce Multilingual & Multicurrency with WPML < 5.3.4 - Shop Manager+ SQL Injection
Published
2024-09-30
Title
WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter
Published
2024-05-27
Title
Push Notification for Post and BuddyPress <=1.93 - Multiple Unauthenticated SQLi
Published
2020-11-02
Title
WP Activity Log < 4.1.5 - SQL Injection in External Database Module